Multiple vulnerabilities have been identified in OpenSSL, a SecureSockets Layer toolkit, that may result in denial of service(application crash, large memory consumption), information leak,protocol downgrade. Additionally, a buffer overrun affecting onlyapplications explicitly set up for SRP has been fixed (CVE-2014-3512).